diff options
author | msquare <msquare@notrademark.de> | 2017-12-14 14:56:29 +0100 |
---|---|---|
committer | msquare <msquare@notrademark.de> | 2017-12-14 14:56:29 +0100 |
commit | 952dc6921acb275de74dd33be2ecb01986bfdd49 (patch) | |
tree | 962874c1b554f6b8eaaaaf685f81fe69687b4282 | |
parent | c70e268a2e25855391a53240a9ca783c3a7a94dd (diff) |
undo of fix #382: XXE DoS in engelsystem - the feature is actually needed for xcal files
-rw-r--r-- | includes/pages/admin_import.php | 2 |
1 files changed, 0 insertions, 2 deletions
diff --git a/includes/pages/admin_import.php b/includes/pages/admin_import.php index 4faca183..4b0f35de 100644 --- a/includes/pages/admin_import.php +++ b/includes/pages/admin_import.php @@ -80,7 +80,6 @@ function admin_import() if (isset($_FILES['xcal_file']) && ($_FILES['xcal_file']['error'] == 0)) { if (move_uploaded_file($_FILES['xcal_file']['tmp_name'], $import_file)) { libxml_use_internal_errors(true); - libxml_disable_entity_loader(true); if (simplexml_load_file($import_file) === false) { $valid = false; error(_('No valid xml/xcal file provided.')); @@ -425,7 +424,6 @@ function read_xml($file) global $xml_import; if (!isset($xml_import)) { libxml_use_internal_errors(true); - libxml_disable_entity_loader(true); $xml_import = simplexml_load_file($file); } return $xml_import; |